It has now started working on pfSense again but when I disconnect pfSense my desktop PC can no longer connect! Is it possible that my ISP is doing some kind of temporary MAC binding, like once a PPPoE connection is established from a MAC address, no other MAC address can connect for a specified amount of time or until the first one is gracefully terminated? The problem mostly occurs after a non-graceful disconnect so I suspect the MAC lock is not released.

@biggsy:

You may want to read this if you haven't seen it:

http://doc.pfsense.org/index.php/PfSense_2_on_VMware_ESXi_5

i've downloaded the ESXI VI image,
i am playing with PFsense now,
i must say is a great producte,
i will donate tonight to the team

It would appear that I have resolved this in my situation anyway.

It turned out to be the physical nic setting in vmware was set to 100meg full duplex.

I changed this to auto negotiate and it still negotiates to 100meg full deplux but the problem totally goes away!!

If I switch it back to specifying 100meg full duplex I get the problem again so it is defiantly that setting.

Thanks for the help Supermule

So if anyone is having similar issues check this setting!

I would bridge them them all. 
What I do on the host vm for the adapter settings in windows on the adapter for your NIC1 and NIC2 is disable everything except the vmware bridging protocol.  That way only the vm gets and IP, and the host basically does not see the ones connected to the modems.

Your nic3 you leave alone as your host needs the internet connection also.

How are your virtual switches setup? Are you using two pfsense VM's? I don't understand why you would use two VM's for this.

-Sean

Hi Jim, thanks for the reply. Now I can sleep better :)

I wonder if there are other ways to accomplish the similar? I wanted to repurpose my old desktop not just as a firewall/router but a media server as well. I'll try looking into Xen or Linux+VBox+pfSense and see if PCI passthrough works that way.

Cheers!

Were you able to get vmxnet3 drivers working on 2.0.2/3 ?

For me vmxnet2 works with no issues but vmxnet3 comes up as not detected. This is with the latest 2.0.3 version.

Unfortunately it's again me…

I did some further tests - I installed Windows Server 2008R2 x64 on the same hardware as a VM. On this machine I can use "KVM Hardware Virtualization" enabled. Windows installs without problems. Further I can use the VirtIO drivers for NIC, HDD and ballooning.

On pfsense 2.1 I modified the /boot/loader.conf.local like described here in the wiki:
http://doc.pfsense.org/index.php/VirtIO_Driver_Support

When running the following commands I get the same output as described on the wiki:

kldstat

df -h

swapinfo

So the modules seems to be running, ballooning seems to work and the HDD driver seems to work. Even if the if_vtnet.ko is loaded I cannot use my NICs as VirtIO. If I revert back to E1000 on proxmox it is working. (Remember, on the same Proxmox Server I can use VirtIO for NICs on Windows).

I followed the same pfsense doc instructions on another ProxmoxVM with different server hardware and all worked.

So my questions are:
Did I something wrong or could it be that FreeBSD 8.3 does not support the new server hardware I use and so some things like VirtIO for NICs is not supported ? Or is it something with Proxmox?

I appreciate any help or hint :-)

OK. Thanks for the update. I'll do some groping around on that topic.

Is there a handy command to dump interface features/modes in FreeBSD? Maybe the output of that could be helpful on what PF is seeing.

Thanks!

I found the answer to this problem here:

http://pastebin.com/kQMiqwF3

The thing that I changed (not sure if it makes a difference) is to use "packages-8.3-release" since pfSense 2.1 is based on FreeBSD 8.3.

Oh yeah, that also says ftp-archive, don't put the -archive in the name.

Over a month and no answer?
Unacceptable as Seven of Nine would have put it :)

The trick is to see the virtual switches as physical ones and treat them the same way.
If we would build this in a server rack with physical stuff we would need
1. one wan switch
2. One incoming wan connection
3. One internal switch
4. One outgoing connection to the internal network
5. One server
6. One firewall

Lets do the same thing in the virtual world…..

The first thing to do is to create the wan swtich (nr 1 above). Do that by going into virtual Network Manager in the Hyper-V console.
Create a new External network and call it Wan.
It now should be Connected to the wan connection (nr 2 above). Do this by Selecting the right Intel adapter in the drop down list (i guess you get two there).

Make sure that allow management operating system …. is NOT Selected. You dont plug a Cable from the wan switch into an internal server in the physical world and neither should we do it in the virtual world.

Now we have an wan switch and we have a Connection from it to the Wan

The next step is to create a the internal switch (nr 3 above)
Create a new External network (Yes it should be external since exteranl in hyper-v means allowed to use physicall nics).
I call my one internal network.
It should now be connected to the outgoing connection (4). This is done by selecting the Realtec card.
Now make sure that allow management operating system …. is Selected. This equals putting a cable between the internal switch (3) and the server (5)

The last thing is to install and connect the firewall box.
Create a Virtual machine with two legacy network adapters.
Connect them to wan and internal (just like we would plug in two cables on a physical switch)
Install Pfsense on it

Done!